Microsoft Defender for Cosmos DB is disabled Affecting Security Center service in Azure

Snyk CCSS

Monitoring / Settings

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

Snyk ID SNYK-CC-00800
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Disabling Microsoft Defender for Cosmos DB removes advanced threat protection features, increasing the risk of undetected malicious activities and data breaches.

How to fix?

Set tier to Standard and resource_type to CosmosDbs.

Example Configuration

resource "azurerm_security_center_subscription_pricing" "allowed" {
  tier          = "Standard"
  resource_type = "CosmosDbs"
}

Terraform

azurerm_security_center_subscription_pricing

References

What is Microsoft Defender for Cloud?